General
Target
5acd875611e7622ff7b4a922262a49897693943625d5b497f62eb3e7d903b186
Size
4.7MB
Sample
221123-vna4yscd6z
MD5
c9b0a492274bbb229ce58a5c265b233e
SHA1
89cbdc155646a3b7d573b94d348acee01e7e5dd8
SHA256
5acd875611e7622ff7b4a922262a49897693943625d5b497f62eb3e7d903b186
SHA512
47c8625e8b13edd227e882e0fc3c2398d8cc798c861145fce45b087c47de02b1b396681baa0330413cc041ffbfe1080deb7acdc70581978dfb2853ad07f3b180
SSDEEP
98304:CcDX/liFR4jmGH48Gfk1rfY2gMyAXKu6lByM+UuLU785t6U4:J98Eyfk4vAx6aawkU4
Static task: static1
Behavioral task: behavioral1, Sample: 豪迪QQ群发7.7 破解版/CheckVer1.dll, Resource: win7-20220901-en
Behavioral task: behavioral2, Sample: 豪迪QQ群发7.7 破解版/CheckVer1.dll, Resource: win10v2004-20220901-en
Behavioral task: behavioral3, Sample: 豪迪QQ群发7.7 破解版/Desklog.dll, Resource: win7-20220901-en
Behavioral task: behavioral4, Sample: 豪迪QQ群发7.7 破解版/Desklog.dll, Resource: win10v2004-20220812-en
Behavioral task: behavioral5, Sample: 豪迪QQ群发7.7 破解版/GetInfo.dll, Resource: win7-20220812-en
Behavioral task: behavioral6, Sample: 豪迪QQ群发7.7 破解版/GetInfo.dll, Resource: win10v2004-20220812-en
Behavioral task: behavioral7, Sample: 豪迪QQ群发7.7 破解版/QS2013.exe, Resource: win7-20220812-en
Behavioral task: behavioral8, Sample: 豪迪QQ群发7.7 破解版/QS2013.exe, Resource: win10v2004-20220812-en
Malware Config
Targets
Target
豪迪QQ群发7.7 破解版/CheckVer1.dll
Size
41KB
MD5
cc6d2f0d3e2982be8d1f37bb276e41a6
SHA1
a0d7993f265d19c0cd91070d68d84a24ee41a493
SHA256
a6a5e2013a470559de3f7c755acedcc1088c3824cae778d6c8c76c16b22fe231
SHA512
cea88dcdf6b6da2c894e234628d49784977de66bfbebe6b490195d622dceeac245d88b3ff429b3b6b0297e4db9bdde10e14a3b4278e8b2e1850f811bef9da67f
SSDEEP
768:SCpqFQtwmjmx+0jp61c4O99Yr3zhv8TUJmHps04BtzXBGkG+I8x:1pqFQVCNVdrYr3eUk8Vxa+Jx
Score: 1/10
Target
豪迪QQ群发7.7 破解版/Desklog.dll
Size
1KB
MD5
bd51f00d39ba2c00249e6ea39db09201
SHA1
dfcaa94329dee74fd0b768e0f1d851908d86db61
SHA256
edbbf8d5575d53f4b9a02e4a8e1d266aac4bba557436746a654b0a9cfef60490
SHA512
63688789eee07e63f216e8ba5177ea826fd6d13e2531928fd69838904b7964aec55c1a604e0d9cf7d36fabd113229cdec8063e3e856a219f56c0dd7a79df44b5
Score: 1/10
Target
豪迪QQ群发7.7 破解版/GetInfo.dll
Size
41KB
MD5
eedbb80f1f86de86a725e732e59b57bc
SHA1
0db7783259907768cf8f300a2953707d926afa16
SHA256
a42a94dbb4ed29fd71b0d4e67082bb01cf678d08582f46fe16f1c88b9e58f946
SHA512
c82e86a9fccfba73c051eb462080a950f047b706f904f3a2fc75bbbce1d1892c1c6f22521fe0f661b8a39c4cab368cda6a46a3f431bde4528281cabc2420977c
SSDEEP
768:WCpqOQdwHPoBuUSdB6zW/U9Bok+VN5KvwEW3XkjTkd4Btd8VeGiSB8xZ:RpqOQYM9SzsoBBta78E9SmxZ
Score: 6/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Target
豪迪QQ群发7.7 破解版/QS2013.exe
Size
2.2MB
MD5
327f826191b63c077bbe95ef3dd5f63a
SHA1
bec63f9b09f91a4b307ad11619126ace7fe0b18e
SHA256
7e13145fdbdc9cdb8f103f1d654ebbd3188d75274b82298990eda1d9a5667ab2
SHA512
26b647ec8e8a435565ff914133d459c9aa9c58cfef8fa691025b104f356d01ab7d225c243a196a13a595a95bb4aab1942fd6a2619ee30c918368e59130819699
SSDEEP
49152:hDHRzI9C8WN+j65234IPcunLh6X/IwgqGl1WqYQby6WWouFhKUNmRWdiqUbL2Iql:ZHdIMHNgL0udmglGsjUOx
Score: 6/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Suspicious use of NtSetInformationThreadHideFromDebugger